Monday, July 31, 2017

Attacks of Ransomware strucks South Dakota plastic surgery practice

Plastic Surgery of South Dakota is providing about 10,200 current and former patients a year of credit and identity protection services amid concerns that their information was accessed during a mid-February ransomware attack.

The agency removed the ransomware from its information systems and decrypted data, then brought in security experts to determine if any data was accessed by unauthorized users. While the majority of records were not accessed, the practice was unable to rule out whether a smaller subset of sufferer records had been breached.

To date, although, there is no proof of any actual or attempted misuse of data, the practice noted in a patient notification letter. Information that could have been compromised includes patients’ names, driver’s license numbers, Social Security numbers, state identification numbers, credit and debit card information, medical conditions and diagnosis information, lab results, addresses, dates of birth and health insurance data.

Plastic Surgery of South Dakota is further recommending a range of steps for affected individuals to take to protect themselves, including monitoring credit reports and explanations of benefits; getting free credit reports from the three major credit bureaus; placing fraud alerts on credit files and placing a security freeze on credit reports, which prohibits release of information from the reports absent consumer authorization.

The practice refused to give further details about the incident beyond a patient notification letter.

 

No comments:

Post a Comment